Original URL: http://www.theregister.co.uk/2003/01/14/bbc_in_ironic_virus_infection/

BBC in ironic virus infection

Auntie's latest bloomers

By John Leyden

Posted in Security, 14th January 2003 17:18 GMT

The BBC fell victim to the latest variant of the ExploreZip worm, and a certain amount of hubris, last week.

The worm infected some of its machines, a BBC spokesperson confirmed to us today. However she wasn't prepared to go into details of the incident beyond saying that she was able to use her own email as normal. The corporations systems are now completely virus free, she assures us.

Earlier Internet reports suggest the BBC limited staff emails to below 70KB and updated its AV software to cleanse itself of the bug, which first appeared a day before the BBC got hit last Friday. Indications are that the corporation escaped relatively unscathed, even though the virus itself is potentially quite nasty.

The latest ExploreZip worm (known as ExploreZip.E or ExploreZi-N) normally spreads as an e-mail attachment and is capable of destroying document and source code files, an alert by Finnish AV firm F-Secure explains.

The worm infects Windows PCs and modifies them so that the worm will reply to unread e-mails, sending dummy responses with an infected attachment (zipped_files.exe).

In essence the worm is little different from the original ExploreZip worm worm of 1999.

The appearance of the original worm led to an extensive write up on the BBC's Web site, which didn't spare the blushes of rival Sky in noting its systems became infected with the original worm.

Strangely there's no report of the latest variant on the appearance of ExloreZip II (the variant) on the BBC's Web site.

Funny that, isn't it? ®